Product:

Jboss_business_rules_management_system

(Redhat)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2018-08-01 CVE-2016-8608 JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via business process editor. The flaw is due to an incomplete fix for CVE-2016-5398. Remote, authenticated attackers that have privileges to create business processes can store scripts in them, which are not properly sanitized before showing to other users, including admins. Jboss_bpm_suite, Jboss_business_rules_management_system 5.4
2020-03-11 CVE-2011-2487 The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack. Cxf, Wss4j, Jboss_business_rules_management_system, Jboss_enterprise_application_platform, Jboss_enterprise_application_platform_text\-Only_advisories, Jboss_enterprise_soa_platform, Jboss_enterprise_web_platform, Jboss_middleware_text\-Only_advisories, Jboss_portal, Jboss_web_services 5.9
2019-11-12 CVE-2010-3857 JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter. Jboss_business_rules_management_system N/A